Lucene search
K

23 matches found

EUVD
EUVD
added 2026/04/10 12:30 a.m.3 views

EUVD-2026-21228

A stack buffer overflow exists in wolfSSL's PKCS7 implementation in the wcPKCS7DecryptOri function in wolfcrypt/src/pkcs7.c. When processing a CMS EnvelopedData message containing an OtherRecipientInfo ORI recipient, the function copies an ASN.1-parsed OID into a fixed 32-byte stack buffer...

5.9CVSS6.3AI score0.00175EPSS
Exploits0References2
NVD
NVD
added 2026/04/09 11:17 p.m.12 views

CVE-2026-5295

A stack buffer overflow exists in wolfSSL's PKCS7 implementation in the wcPKCS7DecryptOri function in wolfcrypt/src/pkcs7.c. When processing a CMS EnvelopedData message containing an OtherRecipientInfo ORI recipient, the function copies an ASN.1-parsed OID into a fixed 32-byte stack buffer...

8CVSS0.00175EPSS
Exploits0References1
UbuntuCve
UbuntuCve
added 2026/04/09 11:17 p.m.7 views

CVE-2026-5295

A stack buffer overflow exists in wolfSSL's PKCS7 implementation in the wcPKCS7DecryptOri function in wolfcrypt/src/pkcs7.c. When processing a CMS EnvelopedData message containing an OtherRecipientInfo ORI recipient, the function copies an ASN.1-parsed OID into a fixed 32-byte stack buffer...

8CVSS6.2AI score0.00175EPSS
Exploits0References2
CVE
CVE
added 2026/04/09 10:53 p.m.20 views

CVE-2026-5295

The CVE describes a stack buffer overflow in wolfSSL’s PKCS7 code (wc_PKCS7_DecryptOri() in wolfcrypt/src/pkcs7.c) when handling CMS EnvelopedData with an OtherRecipientInfo (ORI) recipient. A parsed OID longer than 32 bytes is copied into a fixed 32-byte stack buffer (oriOID[MAX_OID_SZ]) without...

8CVSS6.3AI score0.00175EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2026/04/09 10:53 p.m.25 views

CVE-2026-5295 Stack Buffer Overflow in wolfSSL PKCS7 wc_PKCS7_DecryptOri() via Oversized OID

A stack buffer overflow exists in wolfSSL's PKCS7 implementation in the wcPKCS7DecryptOri function in wolfcrypt/src/pkcs7.c. When processing a CMS EnvelopedData message containing an OtherRecipientInfo ORI recipient, the function copies an ASN.1-parsed OID into a fixed 32-byte stack buffer...

5.9CVSS0.00175EPSS
Exploits0References1
AlpineLinux
AlpineLinux
added 2026/04/09 10:53 p.m.9 views

CVE-2026-5295

A stack buffer overflow exists in wolfSSL's PKCS7 implementation in the wcPKCS7DecryptOri function in wolfcrypt/src/pkcs7.c. When processing a CMS EnvelopedData message containing an OtherRecipientInfo ORI recipient, the function copies an ASN.1-parsed OID into a fixed 32-byte stack buffer...

8CVSS5.7AI score0.00175EPSS
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/08/14 6:52 p.m.2 views

Malicious code in @zalastax/nolb-_ori (npm)

The package @zalastax/nolb-ori was found to contain malicious code...

7AI score
Exploits0
OSV
OSV
added 2025/08/14 6:52 p.m.2 views

MAL-2025-10293 Malicious code in @zalastax/nolb-_ori (npm)

The package @zalastax/nolb-ori was found to contain malicious code...

7.2AI score
Exploits0
OSV
OSV
added 2024/10/16 1:9 p.m.7 views

MAL-2024-9744 Malicious code in ori-gabriel-poc (npm)

--- -= Per source details. Do not edit below this line.=-...

7.1AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 2024/10/16 1:9 p.m.4 views

Malicious code in ori-gabriel-poc (npm)

--- -= Per source details. Do not edit below this line.=-...

7AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 2024/10/16 1:9 p.m.4 views

Malicious code in ori-gabriel (npm)

--- -= Per source details. Do not edit below this line.=-...

7AI score
Exploits0
OSV
OSV
added 2024/10/16 1:9 p.m.5 views

MAL-2024-9743 Malicious code in ori-gabriel (npm)

--- -= Per source details. Do not edit below this line.=-...

7.1AI score
Exploits0
OSV
OSV
added 2024/09/08 10:35 a.m.5 views

MAL-2024-10226 Malicious code in ori-poc (npm)

--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis b71bf5ca700406e224508f08266da2a443693d48eb216c3854de6be0d1451346 The OpenSSF Package Analysis project identified 'ori-poc' @ 1.0.3 npm as malicious. It is considered malicious because: - The package executes o...

7.4AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 2024/09/08 10:35 a.m.3 views

Malicious code in ori-poc (npm)

--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis b71bf5ca700406e224508f08266da2a443693d48eb216c3854de6be0d1451346 The OpenSSF Package Analysis project identified 'ori-poc' @ 1.0.3 npm as malicious. It is considered malicious because: - The package executes o...

7.2AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 2024/09/08 10:15 a.m.4 views

Malicious code in ori-gabriel-rce-test (npm)

--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 6f71bb03bb69baf10b63677477b19ab39b9793ad35b10850961a6ee291b10c1f The OpenSSF Package Analysis project identified 'ori-gabriel-rce-test' @ 1.0.1 npm as malicious. It is considered malicious because: - The packa...

7.2AI score
Exploits0
OSV
OSV
added 2024/09/08 10:15 a.m.6 views

MAL-2024-9745 Malicious code in ori-gabriel-rce-test (npm)

--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 6f71bb03bb69baf10b63677477b19ab39b9793ad35b10850961a6ee291b10c1f The OpenSSF Package Analysis project identified 'ori-gabriel-rce-test' @ 1.0.1 npm as malicious. It is considered malicious because: - The packa...

7.4AI score
Exploits0
OSV
OSV
added 2024/09/08 10:14 a.m.5 views

MAL-2024-9747 Malicious code in ori-gabriel-test2 (npm)

--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 97118bb098b3b51630483b77d70977a582c54e3768ff5c54a65435870b3840de The OpenSSF Package Analysis project identified 'ori-gabriel-test2' @ 7.7.9 npm as malicious. It is considered malicious because: - The package...

7.4AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 2024/09/08 10:14 a.m.4 views

Malicious code in ori-gabriel-test2 (npm)

--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 97118bb098b3b51630483b77d70977a582c54e3768ff5c54a65435870b3840de The OpenSSF Package Analysis project identified 'ori-gabriel-test2' @ 7.7.9 npm as malicious. It is considered malicious because: - The package...

7.2AI score
Exploits0
OSV
OSV
added 2024/09/08 10:7 a.m.4 views

MAL-2024-9746 Malicious code in ori-gabriel-test (npm)

--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 80e4a738169f3040e2786d44f744d9646f6ae11d6b59e30d03c4edba106a7c2d The OpenSSF Package Analysis project identified 'ori-gabriel-test' @ 7.7.8 npm as malicious. It is considered malicious because: - The package...

7.4AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 2024/09/08 10:7 a.m.4 views

Malicious code in ori-gabriel-test (npm)

--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 80e4a738169f3040e2786d44f744d9646f6ae11d6b59e30d03c4edba106a7c2d The OpenSSF Package Analysis project identified 'ori-gabriel-test' @ 7.7.8 npm as malicious. It is considered malicious because: - The package...

7.2AI score
Exploits0
Rows per page
Query Builder